The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that hackers are actively exploiting a vulnerability affecting Samsung devices.
According to The Hacker News devices , the vulnerability, assigned tracking code CVE-2023-21492 with a CVSS score of 4.4, affects some Samsung running Android 11 , 12 and 13. The Korean electronics company describes it as a vulnerability that discloses information. information, can be exploited by attacks to bypass operating system memory protections (ASLR).
ASLR is a security technique designed to prevent overflows and code execution errors by hiding the location of the executable file in the device’s memory. Samsung said it disclosed the vulnerability exclusively to the company on January 17, 2023
The details of how to exploit the vulnerability are currently unknown, but vulnerabilities in Samsung phones have been used by commercial spyware vendors to deploy malware.
In August 2020, Google’s Project Zero team demonstrated a clickless remote MMS attack that took advantage of two cache override vulnerabilities in the Quram qmg library (tracking codes SVE-2020-16747 and SVE-2020). -17675) to defeat the ASLR technique and execute the code.
In light of the abuse, CISA added this security flaw to its list of Known Exploited Vulnerabilities (KEVs), along with two Cisco IOS vulnerabilities (tracking code CVE-2004-1464 and CVE- 2016-6415). CISA has urged agencies to apply patches by June 9, 2023.
Last week, CISA also added seven vulnerabilities to KEV, with the oldest being a 13-year-old bug affecting Linux (CVE-2010-3904) that allows attackers to upgrade privileges to high best
